Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Njr9rrEATM7mjV7eUogRwuULSXg.roa
File: Njr9rrEATM7mjV7eUogRwuULSXg.roa (raw, json)
Hash identifier: fe0RWgOV0inR6tI/F58JT5D8HUvABbU5uEtPh6QbikE=
Subject key identifier: 36:3A:FD:AE:B1:00:4C:CE:E6:8D:5E:DE:52:88:11:C2:E5:0B:49:78
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01942825026B0B80590E77E6BE94164C7D70
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Njr9rrEATM7mjV7eUogRwuULSXg.roa
Signing time: Thu 02 Jan 2025 17:51:41 +0000
ROA not before: Thu 02 Jan 2025 17:51:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206446
IP address blocks: 194.87.183.0/24 maxlen: 24
194.87.211.0/24 maxlen: 24
195.133.33.0/24 maxlen: 24
195.133.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:02:6b:0b:80:59:0e:77:e6:be:94:16:4c:7d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=363afdaeb1004ccee68d5ede528811c2e50b4978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1f:e3:6f:ef:95:7a:88:b7:cb:ac:43:6e:0d:
cf:19:08:83:39:1f:ab:f2:ab:79:de:25:c4:b9:04:
b5:4b:cd:be:c8:cc:a1:bb:db:89:0e:9d:90:33:0d:
1a:d2:21:13:12:95:78:90:6b:27:3d:4c:80:3b:2d:
92:5c:6d:f0:bb:11:01:b4:e8:74:ce:d1:e8:05:0e:
ac:37:a2:38:62:48:ff:81:20:bb:8c:14:88:97:dd:
5f:6c:76:d8:9e:14:8c:40:cd:55:70:dd:0b:82:bb:
7c:a3:75:30:8a:3b:82:98:ed:0b:d3:1a:ce:12:a1:
f6:bb:a2:79:1d:65:33:15:ef:e2:c3:f7:f1:81:81:
3c:1d:5c:65:9f:66:7c:7e:69:70:92:e8:56:3a:b3:
81:31:61:06:78:76:6f:ba:f1:14:be:69:77:40:5a:
0e:09:28:d3:1e:94:4a:7d:bd:35:7a:8e:4d:1f:12:
cb:b7:8a:f8:e9:8b:20:5b:e1:47:a7:c9:c8:1c:69:
e6:db:92:e3:5b:e6:17:72:d6:73:1b:55:75:70:d5:
ea:32:d9:ea:c6:52:9d:e1:fa:0a:12:41:2e:80:81:
79:e7:e3:e1:55:42:86:34:0e:7b:18:f4:6b:42:82:
77:2b:77:b4:e0:cd:54:2b:4c:a5:59:73:42:20:7e:
16:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:3A:FD:AE:B1:00:4C:CE:E6:8D:5E:DE:52:88:11:C2:E5:0B:49:78
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Njr9rrEATM7mjV7eUogRwuULSXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.183.0/24
194.87.211.0/24
195.133.33.0/24
195.133.95.0/24
Signature Algorithm: sha256WithRSAEncryption
76:8f:cf:f0:b0:42:8d:dd:70:0e:64:04:38:09:b1:a4:aa:29:
d3:dd:4f:c2:9a:6f:6b:16:ed:26:50:f1:52:64:c5:ee:3b:8e:
83:38:be:92:4b:b0:a3:d7:fa:de:16:0b:ff:cd:c0:0a:9a:83:
20:3e:6a:21:df:32:a0:be:f1:b2:29:92:0b:ea:82:c1:fb:7a:
78:0a:ee:8f:56:65:a0:20:a8:81:61:30:91:22:d4:98:98:b7:
3b:fb:24:ef:be:bb:b1:9a:4f:9e:38:da:fc:9f:42:76:47:f8:
6a:c3:ac:07:cc:cc:da:cf:2a:4e:e4:04:db:d0:ae:71:11:ff:
24:a6:dc:fd:80:52:59:42:82:fb:f2:49:cd:84:49:17:22:cb:
c0:9e:93:bb:f2:31:77:ba:35:be:10:8d:6e:bb:f3:e6:39:c9:
0d:ac:54:08:9d:0c:66:0f:0d:4e:82:f9:5f:dd:48:d0:67:1f:
01:09:fd:6f:56:42:52:4a:6b:8a:58:ee:51:a9:fa:88:ed:e1:
9e:3a:52:ee:8a:60:50:47:51:96:1b:ba:b1:54:7b:79:65:85:
31:97:42:68:a8:d5:a4:a7:2f:20:58:c6:4d:1a:bc:89:ba:df:
eb:93:30:fc:a6:5c:ec:7a:e3:34:e8:d1:59:d9:05:55:8f:67:
a3:d4:c2:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJQJrC4BZDnfmvpQWTH1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjNhZmRhZWIxMDA0Y2NlZTY4ZDVlZGU1Mjg4MTFjMmU1MGI0OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR/jb++Veoi3y6xDbg3PGQiDOR+r
8qt53iXEuQS1S82+yMyhu9uJDp2QMw0a0iETEpV4kGsnPUyAOy2SXG3wuxEBtOh0
ztHoBQ6sN6I4Ykj/gSC7jBSIl91fbHbYnhSMQM1VcN0Lgrt8o3UwijuCmO0L0xrO
EqH2u6J5HWUzFe/iw/fxgYE8HVxln2Z8fmlwkuhWOrOBMWEGeHZvuvEUvml3QFoO
CSjTHpRKfb01eo5NHxLLt4r46YsgW+FHp8nIHGnm25LjW+YXctZzG1V1cNXqMtnq
xlKd4foKEkEugIF55+PhVUKGNA57GPRrQoJ3K3e04M1UK0ylWXNCIH4W7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDY6/a6xAEzO5o1e3lKIEcLlC0l4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTmpyOXJyRUFUTTdtalY3ZVVvZ1J3dVVMU1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwle3AwQA
wlfTAwQAw4UhAwQAw4VfMA0GCSqGSIb3DQEBCwUAA4IBAQB2j8/wsEKN3XAOZAQ4
CbGkqinT3U/Cmm9rFu0mUPFSZMXuO46DOL6SS7Cj1/reFgv/zcAKmoMgPmoh3zKg
vvGyKZIL6oLB+3p4Cu6PVmWgIKiBYTCRItSYmLc7+yTvvruxmk+eONr8n0J2R/hq
w6wHzMzazypO5ATb0K5xEf8kptz9gFJZQoL78knNhEkXIsvAnpO78jF3ujW+EI1u
u/PmOckNrFQInQxmDw1Ogvlf3UjQZx8BCf1vVkJSSmuKWO5RqfqI7eGeOlLuimBQ
R1GWG7qxVHt5ZYUxl0JoqNWkpy8gWMZNGryJut/rkzD8plzseuM06NFZ2QVVj2ej
1MKk
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:07:39 2025 by rpki-client